Description
In NGFW policy mode, if an application, application category, or application group is selected on a security policy, and traffic logging is set to UTM or All, then application control logs will be generated.
In addition, when a signature is set to the ACCEPT action under a security policy, all corresponding child signatures will be assessed and logged as well.
This article describes how to apply logging in NGFW policy mode.
Scope
For version 6.4.2.
Solution
To verify application logging.
1) Go to Policy & Objects -> Security Policy and configure a new policy for YouTube.
2) Set Action to 'ACCEPT' and Log Allowed Traffic to Security Events.
In NGFW policy mode, if an application, application category, or application group is selected on a security policy, and traffic logging is set to UTM or All, then application control logs will be generated.
In addition, when a signature is set to the ACCEPT action under a security policy, all corresponding child signatures will be assessed and logged as well.
This article describes how to apply logging in NGFW policy mode.
Scope
For version 6.4.2.
Solution
To verify application logging.
1) Go to Policy & Objects -> Security Policy and configure a new policy for YouTube.
2) Set Action to 'ACCEPT' and Log Allowed Traffic to Security Events.
3) Configure the remaining settings as required, then select 'OK'.
4) On a client system, play some YouTube videos.
5) On FortiOS, go to Log & Report -> Application Control and view the logs.
4) On a client system, play some YouTube videos.
5) On FortiOS, go to Log & Report -> Application Control and view the logs.
There are logs not only for YouTube, but also for YouTube_Video.Play, YouTube_Video.Access, and so on, as verified from the Application Name column.
